Many authentication methods and other security mechanisms are available to protect online accounts against unauthorized access. In general, all such methods require a compromise between ease of access to the account by the owner and strength of security against access by an attacker. For example, a simple password may permit a user to quickly and easily access an account. In contrast, a security mechanism that requires the combination of a password plus a one-time personal identification code is not as easy for the account's user, but it is considerably harder for an attacker to breach than the simple password option.
Determining an appropriate authentication method to use for a particular account can be challenging. Using methods that are too onerous may lock legitimate users out of their accounts, while using methods that are too lax may allow attackers in.
Accordingly, the inventors have determined that there is a need to identify methods that more effectively balance the trade-off between effective security and ease of use.